Systems, methods, and storage media for API detection and management in a source-code repository using a computing platform
Abstract
A system, method, and apparatus for Application Programming Interface (API) discovery that is configured to detect APIs, both active and inactive, and perform risk assessments and threat evaluations for the detected APIs. Furthermore, the system is configured to extract metadata information from a source code repository to detect APIs. In some examples, the source code repository (SCR) data can include API-specific data, non-API related data (i.e., data not related to any APIs), and metadata. The system can then assess the extracted information (e.g., API-related information) to identify vulnerabilities and conduct a threat evaluation (or threat eval). Additionally, the system is also configured to continuously and automatically update the extracted API-related information, repository metadata, etc., which can help obviate the need for manual intervention as a code base changes and APIs are created and destroyed over time.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method for Application Programming Interface (API) detection and evaluation in source code repositories (SCRs), the method comprising:
receiving, from a user equipment (UE), one or more requests to analyze data stored across a plurality of SCRs, wherein,
the one or more requests include authentication information for accessing each of the plurality of SCRs, and
at least one of the plurality of SCRs comprises data associated with at least one Application Programming Interface (API);
obtaining access to at least one SCR of the plurality of SCRs, based on providing the respective authentication information to each of the plurality of SCRs; scanning, based on obtaining access, the at least one SCR, wherein scanning the at least one SCR comprises:
analyzing a plurality of data files stored in the at least one SCR,
extracting metadata analysis information from the at least one SCR, and
identifying at least one API associated with the at least one SCR, based on analyzing the plurality of data files and extracting the metadata analysis information;
generating an Artificial Intelligence (AI) prompt, based at least in part on extracting the metadata analysis information, wherein generating the AI prompt further comprises transmitting the AI prompt to an AI module; receiving, from the AI module, at least one API analytics dataset for the at least one API; and displaying, via a user interface (UI) of the UE, a user response including at least a portion of the API analytics dataset.
2 . The method of claim 1 further comprising:
extracting API-specific metadata from each of the at least one API, wherein the API-specific metadata comprises one or more of API identification (ID) information, directory information, and software-framework (SW-FW) information.
3 . The method of claim 1 , wherein the user response for the at least one API comprises information pertaining to one or more of:
a vulnerability level for a respective API; a threat score for the respective API; a risk assessment level for the respective API; a priority score for the respective API; one or more software (SW) languages used for the respective API; a deployed framework for the respective API; user activity history for one or more users of the respective API; and test history data for the respective API.
4 . The method of claim 1 , further comprising:
storing API-specific data associated with the at least one API to a computing platform data store, wherein the API-specific data comprises one or more of API-classification data, API-identification data, firmware (FW) data, and software (SW) data, and wherein the computing platform data store is communicatively coupled to the AI module; and periodically updating the computing platform data store using subsequent API analytics datasets received from the AI module.
5 . The method of claim 1 , wherein, prior to displaying the user response, the method comprises:
generating a static portion of the user response using a user response template; generating a dynamic portion of the user response using the API analytics dataset; and synthesizing the static and dynamic portions of the user response to generate the user response for display on the UI of the UE.
6 . The method of claim 1 , wherein,
the plurality of SCRs include at least a first SCR and a second SCR, each of the first and the second SCRs comprise a plurality of repository files including one or more API-specific data files associated with one or more APIs and one or more non API files; and wherein extracting metadata analysis information from the each of the first and the second SCRs comprises:
identifying the one or more API-specific data files from the plurality of repository files, and
extracting metadata associated with at least a portion of the plurality of repository files, including at least the one or more API-specific data files.
7 . The method of claim 6 , wherein the first and the second SCRs comprise one or more differences related to one or more of:
file directory organization; depth and breadth of file directories; available support for one or more of version control, intra-organization collaboration, inter-organization collaboration, access control, and authorization control; file naming conventions; file path conventions; and metadata information.
8 . The method of claim 1 , wherein,
the at least one API analytics dataset for the at least one API comprises a plurality of API analytics datasets, including at least a first API analytics dataset for a first SCR and a second API analytics dataset for a second SCR, the first API analytics dataset is generated by selecting a first AI model and applying the first AI model to a first AI prompt, the second API analytics dataset is generated by selecting a second AI model and applying the second AI model to a second AI prompt, the first AI model is different from the second AI model, and the first AI prompt is different from the second AI prompt.
9 . The method of claim 8 , wherein selection of the first and second AI models is based at least in part on the generated AI prompt and metadata analysis information for a respective one of the first and the second SCRs, and wherein the respective metadata analysis information for the first and the second SCRs comprises one or more of:
file-type ID information for a plurality of repository files stored in the respective SCR, and API classification information for each API stored in the respective SCR.
10 . The method of claim 1 , wherein generating the AI prompt comprises:
parsing source code metadata from the at least one SCR; generating an initial AI prompt, based at least in part on parsing the source code metadata; identifying one or more limits or constraints imposed by the AI module on AI prompts; determining whether the initial AI prompt satisfies the one or more limits or constraints; and dynamically updating the initial AI prompt to generate a compliant AI prompt, based on determining that the initial AI prompt does not satisfy the one or more limits or constraints.
11 . The method of claim 10 , wherein the generated AI prompt comprises one of the initial AI prompt or the compliant AI prompt.
12 . The method of claim 1 , wherein, prior to receiving the at least one API analytics dataset, the method comprises:
selecting, by the AI module, an AI model from a plurality of AI models; and applying, by the AI module, the selected AI model to the AI prompt to generate the API analytics dataset; and wherein the AI model is selected from a group consisting of a text-based model, a large language model (LLM), a machine-learning (ML) model, an artificial neural network (ANN) model, a decision tree model, a reinforcement learning model, and a transformer model.
13 . The method of claim 1 , wherein displaying the user response comprises displaying the API analytics dataset using one or more of: a graph, a summary report, a table, a risk assessment matrix, a risk assessment chart, a risk heat map, a vulnerability chart, a pie chart, and a bar graph.
14 . A system configured for Application Programming Interface (API) detection and evaluation using a computing platform, the system comprising:
one or more hardware processors configured by machine-readable instructions to: receive, from a user equipment (UE), one or more requests to analyze data stored across a plurality of source code repositories (SCRs), wherein, the one or more requests include authentication information for accessing each of the plurality of SCRs, and at least one of the plurality of SCRs comprises data associated with at least one API; obtain access to at least one SCR of the plurality of SCRs, based on providing the respective authentication information to each of the plurality of SCRs; scan, based on obtaining access, the at least one SCR, wherein scanning the at least one SCR comprises: analyzing a plurality of data files stored in the at least one SCR, extracting metadata analysis information from the at least one SCR, and identifying at least one API associated with the at least one SCR, based on analyzing the plurality of data files and extracting the metadata analysis information; generate an Artificial Intelligence (AI) prompt, based at least in part on extracting the metadata analysis information, wherein generating the AI prompt further comprises transmitting the AI prompt to an AI module; receive, from the AI module, at least one API analytics dataset for the at least one API; and display, via a user interface (UI) of the UE, a user response including at least a portion of the API analytics dataset.
15 . The system of claim 14 , wherein the one or more hardware processors are further configured by machine-readable instructions to:
extract API-specific metadata from each of the at least one API, wherein the API-specific metadata comprises one or more of API identification (ID) information, directory information, and software-framework (SW-FW) information.
16 . The system of claim 14 , wherein, prior to displaying the user response, the one or more hardware processors are configured by machine-readable instructions to:
generate a static portion of the user response using a user response template; generate a dynamic portion of the user response using the API analytics dataset; and synthesize the static and dynamic portions of the user response to generate the user response for display on the UI of the UE.
17 . The system of claim 14 , wherein,
the plurality of SCRs include at least a first SCR and a second SCR, each of the first and the second SCRs comprise a plurality of repository files including one or more API-specific data files associated with one or more APIs and one or more non API files; and wherein extracting metadata analysis information from the each of the first and the second SCRs comprises:
identifying the one or more API-specific data files from the plurality of repository files, and
extracting metadata associated with at least a portion of the plurality of repository files, including at least the one or more API-specific data files.
18 . The system of claim 14 , wherein generating the AI prompt comprises:
parsing source code metadata from the at least one SCR; generating an initial AI prompt, based at least in part on parsing the source code metadata; identifying one or more limits or constraints imposed by the AI module on AI prompts; determining whether the initial AI prompt satisfies the one or more limits or constraints; and dynamically updating the initial AI prompt to generate a compliant AI prompt, based on determining that the initial AI prompt does not satisfy the one or more limits or constraints.
19 . The system of claim 14 , wherein prior to receiving the at least one API analytics dataset, the one or more hardware processors are configured by machine-readable instructions to:
select an AI model from a plurality of AI models; and apply the selected AI model to the AI prompt to generate the API analytics dataset; and wherein the AI model is selected from a group consisting of a text-based model, a large language model (LLM), a machine-learning (ML) model, an artificial neural network (ANN) model, a decision tree model, a reinforcement learning model, and a transformer model.
20 . A non-transient computer-readable storage medium having instructions embodied thereon, the instructions being executable by one or more processors to perform a method for Application Programming Interface (API) detection and evaluation using a computing platform, the method comprising:
receiving, from a user equipment (UE), one or more requests to analyze data stored across a plurality of source code repositories (SCRs), wherein, the one or more requests include authentication information for accessing each of the plurality of SCRs, and at least one of the plurality of SCRs comprises data associated with at least one API; obtaining access to at least one SCR of the plurality of SCRs, based on providing the respective authentication information to each of the plurality of SCRs; scanning, based on obtaining access, the at least one SCR, wherein scanning the at least one SCR comprises: analyzing a plurality of data files stored in the at least one SCR, extracting metadata analysis information from the at least one SCR, and identifying at least one API associated with the at least one SCR, based on analyzing the plurality of data files and extracting the metadata analysis information; generating an Artificial Intelligence (AI) prompt, based at least in part on extracting the metadata analysis information, wherein generating the AI prompt further comprises transmitting the AI prompt to an AI module; receiving, from the AI module, at least one API analytics dataset for the at least one API; and displaying, via a user interface (UI) of the UE, a user response including at least a portion of the API analytics dataset.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.